iptables help for rh8
I need some help with my iptables setup. I've come up with this so far for my /etc/sysconfig/iptables; it seems to work OK. But I have no idea where the logs go, even though I tried specifying them, and I also want to be able to mask others from using NMAP to see what applications are running. Any ideas?
[IPtable]
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT DROP [0:0]
## Drop all incoming fragments
-A INPUT -i eth0 -f -j DROP
## Drop outside packets with localhost address - anti-spoofing measure
-A INPUT -s 127.0.0.0/255.0.0.0 -i ! lo -j DROP
## Drop bad packets
-A INPUT -p ALL -m state --state INVALID -j DROP
## Pass all locally-originating packets
-A INPUT -i lo -j ACCEPT
-A OUTPUT -o lo -j ACCEPT
## REJECT ICMP ping echo request packets
## (this prevents other people from pinging the machine, among other things)
-A INPUT -p icmp --icmp-type echo-request -j REJECT
## Accept new TCP connections to ANY port from these source ranges
## (this already covers the port 80/443 rules for the same ranges below)
-A INPUT -p tcp -m tcp --syn -s 203.116.0.0/255.255.0.0 -j ACCEPT
-A INPUT -p tcp -m tcp --syn -s 203.117.0.0/255.255.0.0 -j ACCEPT
-A INPUT -p tcp -m tcp --syn -s 203.118.0.0/255.255.0.0 -j ACCEPT
-A INPUT -p tcp -m tcp --syn -s 61.8.192.0/255.255.224.0 -j ACCEPT
## Allow web server access from specific IP ranges (port 80)
-A INPUT -p tcp -m tcp --syn -s 203.116.0.0/255.255.0.0 --dport 80 -j ACCEPT
-A INPUT -p tcp -m tcp --syn -s 203.117.0.0/255.255.0.0 --dport 80 -j ACCEPT
-A INPUT -p tcp -m tcp --syn -s 203.118.0.0/255.255.0.0 --dport 80 -j ACCEPT
-A INPUT -p tcp -m tcp --syn -s 61.8.192.0/255.255.224.0 --dport 80 -j ACCEPT
## Allow secure web server access from specific IP ranges (port 443)
-A INPUT -p tcp -m tcp --syn -s 203.116.0.0/255.255.0.0 --dport 443 -j ACCEPT
-A INPUT -p tcp -m tcp --syn -s 203.117.0.0/255.255.0.0 --dport 443 -j ACCEPT
-A INPUT -p tcp -m tcp --syn -s 203.118.0.0/255.255.0.0 --dport 443 -j ACCEPT
-A INPUT -p tcp -m tcp --syn -s 61.8.192.0/255.255.224.0 --dport 443 -j ACCEPT
## Accept inbound ssh traffic from one host
-A INPUT -p tcp -m tcp --syn -s 203.116.1.62 --dport 22 -j ACCEPT
## Allow inbound established and related outside communication
-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
## Log inbound packets that were not accepted above. This rule has to sit
## BEFORE the terminating REJECT that follows: a LOG rule appended after a
## catch-all ACCEPT/REJECT is never evaluated and therefore never logs.
-A INPUT -j LOG --log-prefix "INPUT packets: "
## Drop outside initiated connections
-A INPUT -m state --state NEW -j REJECT
## Allow all outbound tcp, udp, icmp traffic with state
-A OUTPUT -p tcp -m state --state NEW,ESTABLISHED -j ACCEPT
-A OUTPUT -p udp -m state --state NEW,ESTABLISHED -j ACCEPT
-A OUTPUT -p icmp -m state --state NEW,ESTABLISHED,RELATED -j ACCEPT
## Log outbound packets that were not accepted above (the OUTPUT policy drops them)
-A OUTPUT -j LOG --log-prefix "OUTPUT packets: "
COMMIT
[/IPtable]

[syslog.conf]
# Log all kernel messages to the console.
# Logging much else clutters up the screen.
#kern.*                                                 /dev/console

# Log anything (except mail) of level info or higher.
# Don't log private authentication messages!
# (Note: iptables LOG lines at level info or higher also land here.)
*.info;mail.none;authpriv.none;cron.none                /var/log/messages

# The authpriv file has restricted access.
authpriv.*                                              /var/log/secure

# Log all the mail messages in one place.
mail.*                                                  /var/log/maillog

# Log cron stuff
cron.*                                                  /var/log/cron

# Everybody gets emergency messages
*.emerg                                                 *

# Save news errors of level crit and higher in a special file.
uucp,news.crit                                          /var/log/spooler

# Save boot messages also to boot.log
local7.*                                                /var/log/boot.log

# iptables LOG entries arrive as kernel messages at the priority given by
# --log-level (default: warning). "=" selects exactly that priority.
# The /var/log/iptables/ directory must exist before syslogd is restarted.
kern.=debug                                             /var/log/iptables/firewall.log
# IPtables informational log
kern.=info                                              /var/log/iptables/info.log
# IPtables warnings log ("warning" is the priority keyword; "warnings" is not valid)
kern.=warning                                           /var/log/iptables/warn.log
[/syslog.conf]
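A quick way to catch the "my LOG rule never fires" problem in a ruleset like the one above is to check rule reachability mechanically. The script below is an added example, not code from the thread or from the iptables project: it parses an iptables-save style file (the format of /etc/sysconfig/iptables), walks each chain in order, and tracks which conntrack states have already been swallowed by a "catch-all" terminating rule whose only match is `-m state`. Once NEW, ESTABLISHED, RELATED and INVALID have all been terminated, every later rule in that chain is dead code. The sample ruleset is a constructed, shortened version of the post's INPUT and OUTPUT chains; the script assumes only the four classic conntrack states and treats any option other than `-m state`, `-p ALL` and the LOG/REJECT target options as a narrowing criterion.

```python
"""Added example (not from the thread): find iptables rules that can never fire.

Walks each chain of an iptables-save style ruleset and records which conntrack
states a catch-all terminating rule (only match: -m state --state ...) has
already consumed. When all four classic states are consumed, later rules in
that chain are unreachable. Assumes no UNTRACKED state is in play.
"""
import shlex
from dataclasses import dataclass

CT_STATES = frozenset({"NEW", "ESTABLISHED", "RELATED", "INVALID"})
TERMINATING = {"ACCEPT", "DROP", "REJECT"}


@dataclass
class Rule:
    chain: str
    target: str
    states: frozenset   # states named by --state; empty means "any state"
    narrowed: bool      # True if the rule has match criteria beyond -m state


@dataclass
class Finding:
    lineno: int         # line of the unreachable rule
    chain: str
    shadowed_by: int    # line of the rule that closed off the chain
    text: str


def parse_rule(line):
    """Extract chain, target, conntrack states and whether other matches exist."""
    toks = shlex.split(line)
    chain = target = None
    states = frozenset()
    narrowed = False
    i = 0
    while i < len(toks):
        t = toks[i]
        nxt = toks[i + 1] if i + 1 < len(toks) else ""
        if t == "-A":
            chain, i = nxt, i + 2
        elif t == "-j":
            target, i = nxt, i + 2
        elif t == "--state":
            states, i = frozenset(nxt.upper().split(",")), i + 2
        elif t == "-m" and nxt == "state":
            i += 2          # loading the state module is not itself a criterion
        elif t == "-p" and nxt.upper() == "ALL":
            i += 2          # '-p ALL' matches every protocol
        elif t in ("--log-prefix", "--log-level", "--reject-with"):
            i += 2          # target options, not match criteria
        elif t.startswith("-"):
            narrowed, i = True, i + 1   # any other option narrows the match
        else:
            i += 1          # value belonging to the previous option
    return Rule(chain, target, states, narrowed)


def find_unreachable(ruleset_text):
    """Return a Finding for every rule placed after its chain terminated all states."""
    consumed = {}       # chain -> set of states already terminated for any packet
    closed_at = {}      # chain -> line number where the last state was consumed
    findings = []
    for n, raw in enumerate(ruleset_text.splitlines(), 1):
        line = raw.strip()
        if not line.startswith("-A "):
            continue    # table header, chain policies, COMMIT, comments
        r = parse_rule(line)
        done = consumed.setdefault(r.chain, set())
        if done >= CT_STATES:
            findings.append(Finding(n, r.chain, closed_at[r.chain], line))
            continue
        if r.target in TERMINATING and not r.narrowed:
            done |= r.states or CT_STATES
            if done >= CT_STATES:
                closed_at[r.chain] = n
    return findings


# Constructed, shortened version of the INPUT/OUTPUT chains from the post.
SAMPLE = """\
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT DROP [0:0]
-A INPUT -p ALL -m state --state INVALID -j DROP
-A INPUT -i lo -j ACCEPT
-A INPUT -p tcp -m tcp --syn -s 203.116.1.62 --dport 22 -j ACCEPT
-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A INPUT -m state --state NEW -j REJECT
-A INPUT -j LOG --log-prefix "INPUT packets: "
-A OUTPUT -p tcp -m state --state NEW,ESTABLISHED -j ACCEPT
-A OUTPUT -j LOG --log-prefix "OUTPUT packets: "
COMMIT
"""

if __name__ == "__main__":
    for f in find_unreachable(SAMPLE):
        print(f"line {f.lineno} ({f.chain}) is unreachable, chain closed at "
              f"line {f.shadowed_by}: {f.text}")
```

Run against the sample, it reports the INPUT LOG rule as unreachable because the preceding INVALID DROP, ESTABLISHED,RELATED ACCEPT and NEW REJECT rules together terminate every state; swapping the LOG rule ahead of the NEW REJECT clears the finding. The OUTPUT LOG rule is not flagged, since the OUTPUT ACCEPT rules are narrowed by `-p` and leave other protocols to fall through.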
Viewing: Codewalkers Forums > Other Technologies > Server Administration > iptables help for rh8